Security Blogs
Security
3 Min Read
Announcing the availability of Cisco Talos Incident Response services to Splunk customers.
Latest Articles
Detect Money Laundering, Healthcare Fraud, and Unemployment Fraud with the New Version of the Splunk App for Fraud Analytics
Detect money laundering, healthcare fraud, and unemployment fraud with Splunk App Fraud Analytics 1.2.4.
Staff Picks for Splunk Security Reading February 2024
The Splunk security team shares a curated list of presentations, whitepapers, and customer case studies they feel are worth a read.
Beyond Logs: Navigating Entity Behavior in Splunk Platform
Master internal threat detection with Splunk's anomaly detection, finding events like unusual geolocations and spikes in activity, while optimizing security.
Unveiling Phemedrone Stealer: Threat Analysis and Detections
The Splunk Threat Research Team dissects the Phemedrone Stealer.
Add to Chrome? - Part 3: Findings and Recommendations
SURGe explores findings and general recommendations on whether or not you should click 'Add to Chrome' the next time you find a fancy new extension.
Add to Chrome? - Part 2: How We Did Our Research
SURGe explores the analysis pipeline in more detail and digs into the two main phases of this research – how the team collected the data and how they analyzed it.
Are You Forensic Ready?
In the landscape of everyday operations, the concept of forensic readiness may often linger unnoticed in the background.
Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
The Splunk Threat Research Team outlines the attack chain detailed in the Microsoft blog, offering practical detection and hunting tips for cybersecurity defenders.
Supercharge Cybersecurity Investigations with Splunk and Graphistry: A Powerful Combination for Interactive Graph Exploration
In this blog post, we'll dive deeper into how combining Splunk and Graphistry can help you unlock new capabilities for your cybersecurity investigations and gain better resilience for your organization.
Building Large-Scale User Behavior Analytics: Data Validation and Model Monitoring
Splunk's Cui Lin explores fundamental techniques to validate data volume and monitor models to understand the size of your own UBA clusters.
Add to Chrome? - Part 1: An Analysis of Chrome Browser Extension Security
An overview of SURGe research that analyzed the entire corpus of public browser extensions available on the Google Chrome Web Store.
Another Year of RATs and Trojan Stealer: Detection Commonalities and Summary
The Splunk Threat Research Team shares analysis, analytic stories and security detections for seven well-known RAT and Trojan Stealer malware families.
How Tech Executives Can Support Gender Diverse Cyber Talent
The number of unfilled cybersecurity roles creates a perfect opportunity for leaders to attract female talent at their organizations.
Staff Picks for Splunk Security Reading January 2024
Welcome to the January Splunk staff picks blog – a curated list of presentations, whitepapers, and customer case studies that Splunk security experts feel are worth a read.
Security Insights: Jenkins CVE-2024-23897 RCE
In response to CVE-2024-23897, the Splunk Threat Research Team has developed new security detections and hunting queries to support defenders.
Security Insights: Tracking Confluence CVE-2023-22527
In response to CVE-2023-22527, the Splunk Threat Research Team has developed new security detections to support defenders.
Security Insights: Investigating Ivanti Connect Secure Auth Bypass and RCE
The Splunk Threat Research Team has swiftly developed Splunk analytics and hunting queries, helping defenders quickly adapt and respond to emerging threats CVE-2023-46804 and CVE-2024-21887.
Hypothesis-Driven Cryptominer Hunting with PEAK
A sample hypothesis-driven hunt, using SURGe's PEAK threat hunting framework, looking for unauthorized cryptominers.
Subscribe to our blog
Get the latest articles from Splunk straight to your inbox.
Connect with Splunk on X
Follow @Splunk
Connect with Splunk on Instagram
Follow @Splunk
